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GUNNISON, McKAY & HODGSON, L.L.P. 
Garden West Office plaza, Surra 220 
1900 Garden Road 
Monterey, California 93940 
Telephone 831.655.0880 - Facsimile 831.655.0888 

August 1, 2007 



VIA MGSlMlLg 
Mail Stop 16 

Director of the US Patent and Trademark Office 
PO Box 1450 

Alexandria, VA 22313-1450 

Re: Request for Refund 

Patent Application No.: 10/672,700 
Filing Date: September 25, 2003 

Deposit Account No.: 50-0553 

Dear Sirs: 

We request a refund in the amount 0^56,300.00 Which was charged to Deposit Account 
No. 50-0553 on July 24, 2007 for excess clainM&sjeraie above patent application. 

An amendment was filed on July 19, 2007 for the above application. The number of 
claims in the amendment is the same as the number as filed None of the claims in the 
amendment are indicated "new" so there can be no additional claims fees. Accordingly, the 
$6,300.00 charge on July 24, 2007 for excess claims fees is in error and we request that this 
amount be refunded to the above deposit account. 

This request is supported by the following: 

1 ) a true copy of the Filing Receipt indicating 63 total claims and 2 1 independent claims 
as filed (2 pages); 

2) a true copy of the Transmittal Letter for the amendment filed an July 1 9, 2007 with 
the USPTO date stamp of July 23, 2007 (2 pages); and 

3) a true copy of the claims submitted in the amendment filed on July 1 9, 2007 
indicating 63 total claims and 21 independent claims (14 pages). 

The Director is authorized to credit the refund amount to Deposit Account No. 50-0553. 
Thank you for your attention to this matter. 

Very truly yours, 

Mona Marshall 
Paralegal 

/mm 

Enclosures 
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July 19, 2007 




Mail Stop Amendment 
Commissioner for Patents 
P.O. Box 1450. 
Alexandria, VA 22313-1450 



TRAMSMZTTJU. MBTTBR 



RE: Applicant (s) t 
Aaoignee : 

Title: 

Serial No.: 
Filing; Date: 
Examiner:, 
droup Art unit: 
• Docket No. t 



Bduard K. da Jong 

Sun MicroeyB terns, Inc.. 

PERMUTATION OF OPCODE VALUES FOR 
/APPLICATION PROGRAM OBFUSCATION 

10/672,700 

September 25, 2003 

April Ying Shan 

2135 

SUN040023 



Dear Sir: 

Transmitted herewith are the following documents for the 
response to the Office Action <iated ApriL 20, 2007 in the 
above application:. 

i:. Return receipt postcard; 

2, Thi« Transmittal Letter. (2. pages) ; and 

3, Amendment (47 pages, including 3 replacement sheets 
of. drawings) . 



No additional claims fees are required. 
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GUNNISON, MCKAY & HODGSON, L.L.P, 

Transmittal Letter 
Serial No. 10/672,700 
July 19, 2007 



CIAIM3 AS AMENDED 





Claims Remaining 
after Amendment 


Higheat Mo. 
Previously 
Paid TOt 


present 
Extra 


Rata 


Additional 
Fee 




Toe ft 1 clalmo 


$2 


- 31 


• 43 


X $50.00 


$2,100.00 


Independent Clalma 




- 31 


- 42 


x 9200.00 


$0,400.00 


First tiling of KulfciplS Dependent Claim (Enter $290) 




0.00 






Total at above calculation 


$10,500.00 


Reduction by 50% for filing by Small Entity < Enter 0.8 for snail entity) 


1.0 


subtotal 


$10,500.00 


TOTAL 


9 0.00 



ED Conditional Petition for Extension of Time: If an 
extension of time is required for timely filing of the enclosed 
documents after all papers filed with this transmittal have been 
considered, Applicant (s) hereby petition for such an extension 
of time- 

El The Commissioner is hereby authorized to charge any 
additional fees required for consideration of the enclosed 
documents, and to credit any overpayment of fees to Deposit 
Account No. 50*0553. 



CSKTXrZCATB OF tOkZUMOJ 
Z hereby certify that this correspondence la 
being deposited with the united States Foetal 
Service with sufficient postage a» first class 
mail in an envelope addressed to« Cowmioeioosr 
for Patents, p.p. Box 14S0. Alexandria* va 
32313-14S0, on July 19, 3007. 



Respectfully submitted, 





Attorney for Applicant (s) 



sate of signature 



Forrest Gunnison 
Attorney for Applicant (s) 

Reg. No. 3 2,899 
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This listing of claims replaces all prior versions, and 
listings of claims in the instant application: 

Listing of Claims i 

1. (Original) A mathod for executing an obfuscated 
application program, the method comprising: 

receiving an obfuscated application program, said 
obfuscated application program comprising at least one 
instruction opcode value encoded using one of a 
plurality of instruction set opcode value encoding 
schemes/ 

determining a dispatch table associated with said 
application program, said dispatch table corresponding 
to said one of a plurality of instruction set opcode 
value encoding schemes f and 

executing said application program using said 
associated dispatch table. 

2. (Original) The iftethod of claim l wherein said 
determining comprises generating said dispatch table in 
response to said receiving. 

3. (Original) The method of claim 1 wherein said 
determining comprises selecting a dispatch Cable from a 
plurality of dispatch tables in response to said receiving, 
said plurality of dispatch tables stored in a memory, 

4. (Original) A method for executing an obfuscated 
application program, the method comprising: 

receiving an obfuscated application program, said 
obfuscated application program comprising at least one 
instruction opcode value encoded using one of a 
plurality of non-standard instruction set opcode value 
encoding schemes; 
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Appl. No. 10/672.700 

Amdt. dated July 19, 2007 

Reply to Office Action of April 20. 2007 

determining an instruction set opcode value 
encoding scheme associated with said obfuscated 
application program; 

rewriting said application program using a 
standard opcode value encoding scheme if said received 
application program is not encoded using said standard 
opcode value encoding scheme; and 

executing said application program using a 
dispatch table associated with said standard opcode 
value encoding scheme. 

5. (Original) A method for application program 
obfuscation, the method comprising* 

reading an application program comprising code; 



transformed application program code that uses one of a 
plurality of opcode value encoding schemes of a 
dispatch table associated with said application 
program; and 



6. (Original) The method of claim 5, further 
comprising receiving an application program request from a 
user device, said transforming occurring in response to said 
receiving. 

7. (Original) The method of claim 5 wherein 

said method further comprises, after said 
creating , applying a cryptographic process to said 
obfuscated application program together with a 
cryptographic key to create an encrypted obfuscated 
application program; and 

said sending comprises sending said encrypted 
obfuscated application, program. 



transforming said application program code into 



sending said transformed application program code. 




Page 16 of 47 




PAGE 8f20 1 RCVD AT 81112007 6:51:42 PM [Eastern Daylight The] 1 5VR:USPTQ£FXRF-3f1$ 1 DfflSOTM 1 C8ID:831 6SS 0888 1 DURATION (nun-$$):(K40 



09/01/07 14:51 FAX 831 655 088$ 



GUNNISON MCKAY HODGSON 



8)009 



Appl. No. 10/672,700 

AmdC. datad July 19, 3007 

Reply to Office Action of April 20, 2007 

8. (Withdrawn) A method for creating an opcode value 
encoding scheme for an instruction set, the method 
comprising; 

creating a series of numbers using a randomized 
process; 

filtering said series to remove duplicate numbers; 

and 

creating a one-to-one mapping between instruction 
implementation methods in an instruction set and said 
numbers - 

9. (withdrawn) A method for creating an opcode value 
encoding scheme for an instruction set, the method 
comprising j 

selecting a seed and a cryptographic key; 

creating a series of numbers based at least in 
part on said seed and said cryptographic key, said seed 
having a size that is less than the size of said, 
series; 

filtering said ssriee to remove duplicate numbers; 

and 

creating a one-to-one mapping between instruction 
implementation methods in an instruction set and said 
numbers . 

10. (Withdrawn) The method of claim 9 wherein said 
creating comprises using a loop back hash function to create 
said series. 

11. (Withdrawn) The method of claim 10 wherein said 
loop back hash function conjprisee the MD4 algorithm. 

12. (Withdrawn) The method of claim 10 wherein said 
loop back hash function comprises the MD5 algorithm, 



13. (Withdrawn) The method of claim 10 wherein said 
loop back hash function comprises the SHA-l algorithm. 
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Appl. No. 10/672,700 

Amdt. dated July 19, 2007 

Reply to office Action of April 20 , 2007 



14. (Withdrawn) The method of claim 10 wherein said 
key is based at least in part on a target ID. 

15. (Withdrawn) The method of claim 14 wherein said 
target ID comprises a VM ID. 

16. (original) A program storage device readable by a 
machine, embodying a program of instructions executable by 
the machine to perform a method for executing an obfuscated 
application program, the method comprising: 

receiving an obfuscated application program, said 
obfuscated application program conprising at least one 
instruction opcode value encoded using one of a 
plurality of instruction set opcode value encoding 
. schemes/ 

•■* determining a dispatch table associated with said 
application program, said dispatch table corresponding 
to said one of a plurality of instruction set opcode 
value encoding schemes; and 

executing said application program using said 
associated dispatch table. 

17. (Original) The program storage device of claim 16 
wherein said determining comprises generating said dispatch 
table in response to said receiving. 

18. (Original) The program storage device of claim 16 
wherein said determining comprises selecting a dispatch 
table from a plurality of dispatch tables in response to 
said receiving , said plurality of dispatch tables stored in 

a memory. 




19. (Original) A program storage device readable by a 
machine, embodying a program of instructions executable by 
the machine to perform a method for executing an obfuscated 
application program, the method comprising z 
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Appl- No. 10/672,100 

Amat, dated July 19, 2007 

Reply to Office Action of April 20, 2007 

receiving an obfuscated application program, said 
obfuscated application program comprising at least one 
instruction opcode value encoded using one of a 
plurality of non-standard instruction set opcode value 
encoding schemes; 

determining an instruction set opcode value 
encoding scheme associated with said obfuscated 
application program* 

rewriting said application program using a 
standard opcode value encoding scheme if said received 
application program is not encoded using said standard 
opcode value, encoding scheme; and 

executing said application program using a 
dispatch table associated with said standard opcode 
value encoding scheme. 

20, k (Original) A program storage device readable by a 
machine ,• embodying a program of instructions executable by 
the machine to perform a method for application program 
obfuscation, the method comprising: 

reading an application program* comprising code; 

transforming said application program code into 
transformed application program code that uses one of a 
plurality of opcode value encoding schemes of a 
dispatch table associated with said application 
program; and 

sending said transformed application program code. 

21. (Original) The program storage device of claim 
20, the method further comprising receiving an application 
program request from a user device, said transforming 
occurring in response to said receiving. 




22. (Original) The program storage device of claim 20 



wherein 



said method further comprises, after said 
creating, applying a cryptographic process to said 
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Appl. No, 10/672.700 

Amdt- dated July 19, 2007 

Reply to Office Action of April 20, 2007 



obfuscated application program together with a 
cryptographic key to create an encrypted obfuscated 
application program; and 

aaid sending comprises sending said encrypted 
obfuscated application program. 

23. (Withdrawn) A program storage device readable by 
a machine , embodying a program of instructions executable by 
the machine to perform a method for creating an opcode value 
encoding scheme for an instruction set, the method 
comprising: 

creating a series of numbers using a randomized 
process ; 

filtering said series to remove duplicate numbers; 

and 

creating a one-to-one mapping between instruction 
' implementation methods in an instruction set and said 
numbers. 

24. (withdrawn) A program storage device readable by 
a machine, embodying a program of instructions executable by 
the machine to perform a method for creating an opcode value 
encoding scheme for an instruction set, the method 
comprising: 

selecting a seed and a cryptographic key; 

creating a series of numbers based at least in 
part on said seed and said cryptographic key, said seed 
having a size that is less than the size of said 
series; 

filtering said series to remove duplicate numbers; 

and 

creating a one-to-one mapping between instruction 
implementation methods in an instruction set and said 
numbers . 
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Amdt. dated July 19, 2007 

Reply to Office Action of April 20, 2007 



25. (Withdrawn} The program storage device of claim 

24 wherein said creating comprises using a loop back hash 
function to create said series. 

26. (Withdrawn) The program atorage device of claim 

25 wherein said loop back hash function comprises the MD4 

algorithm. 

27. (Withdrawn) The program storage device of claim 
25 wherein said loop back hash function comprises the MD5 
algorithm. 

28. (Withdrawn) The program storage device of claim 
25 wherein said loop back hash function comprises the SHA-1 
algorithm. 

29. (withdrawn) The program storage device of claim 
25 wherein said* key is based at least in part on a target 
ID. 

30. (Withdrawn) The program storage device of claim 
29 wherein said target ZD comprises a VM ID. 

31. (Currently Amended) An apparatus for executing an 
obfuscated application program, the apparatus comprising* 

a processor; and 

a memory, coupled to said processor, having stored 
therein computer readable instructions wherein 
executing said computer readable instructions on said 
processor provides; 

means for receiving an obfuscated application 
program, said obfuscated application program 
comprising at least one instruction opcode value 
encoded using one of a plurality of instruction 
set opcode value encoding schemes; 

means for determining a dispatch table 
associated with said application program, said 
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Amdt. dated JUly 19, 200? 

Reply to Office Action of April 20, 2007 



dispatch table corresponding to said one of a 
plurality of Instruction set opcode/value encoding 
schemes; and S 



32. (original) The apparatus of claim 31 wherein said 
means for determining comprises means for generating said 
dispatch table in response to said receiving. 

33, (original) The apparatus of claim 31 wherein said 
means for determining comprises means for selecting a 
dispatch table from a plurality of dispatch tables in 
response to said receiving, said plurality of dispatch 
tables stored in a memory. 

34 .* - (Currently Amended) An apparatus for executing an 
obfuscated application program, the apparatus comprising: ' 
a processor; and 

a memory, coupled to said processor, having stored 
therein computer readable instructions wherein 
executing said computer readable instructions on said 
processor provides; 



means for receiving an obfuscated application 
program, said obfuscated application program 
comprising at least one instruction opcode value 
encoded using one of a plurality of non-standard 
instruction set opcode value encoding schemes j 

means for determining an instruction set 
opcode value encoding scheme associated with said 
obfuscated application program; 

means for rewriting said application program 



means for executing said application program 
using said associated dispatch table. 




using a standard opcode value encoding scheme if 
said received application program is not encoded 
using said standard opcode value encoding scheme; 
and 
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Appl. No. 10/672,700 

Aradt. dated July 19, 2007 

Raply to Office Action of April 20, 2007 
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means for executing said application program 
using a dispatch table associated with said * 
standard opcode value encoding scheme. 

35. (Currently Amended) An apparatus for application 
program obfuscation, the apparatus comprising: 

a processor; and 

a memory, coupled to said processor, having stored 
therein computer readable instructions wherein 
executing said computer readable instructions on said 
processor provides: 

means for reading an application program 
comprising code; 

means for transforming said application 
program code into transformed application program 
code that uses one of a plurality of opcode value 
encoding schemes of a dispatch table associated 
with said application program; and 

means for sending 'said transformed 
application program code. 

36. (Original} The apparatus of claim 35, further 
comprising means for receiving an application program 
request from a user device, said transforming occurring in 
response to said receiving . 

37. (Original) The apparatus of claim 35 wherein 
said apparatus further comprises means for 

applying a cryptographic process to said obfuscated 
application program together with a cryptographic key 
to create an encrypted obfuscated application program 
after said creating; and 

said means for sending comprises means for sending 
said encrypted obfuscated application program. 
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38. (Withdrawn) An apparatus for creating an opcode 
value encoding scheme for an instruction eat, the apparatus 
comprising: 

means for creating a series of numbers using a 
randomized process; 

means for filtering said series to remove 
duplicate numbers; and 

means for creating a one-to-one mapping between 
instruction implementation methods in an instruction 
set and said numbers. 

39. (Withdrawn) An apparatus for creating an opcode 
value encoding schema for an instruction set, the apparatus 
comprising* 

means for selecting a seed and a cryptographic 

key; 

means for creating a series of numbers based at 
least in part on said seed and said cryptographic key, 
said seed having a size that* is- less than the size of 
said series; 

means for filtering said serieB to remove 
duplicate numbers; and 

means for creating a one-to-one mapping between 
instruction implementation methods in an instruction 
set and said numbers. 

40. (Withdrawn) The apparatus of claim 39 wherein 
said means for creating comprises means for using a loop 
back haBh function to create said series. 

41. (Withdrawn) The apparatus of claim 40 wherein 
said loop back hash function comprises the MD4 algorithm. 

42. (Withdrawn) The apparatus of claim 40 wherein 
said loop back hash function comprises the MD5 algorithm. 
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Amdt. daCQd July 19. 2007 

Reply to Office Action of April 20, 200? 

43. (Withdrawn) The apparatus of claim 40 wherein 
said loop back hash function comprises the SHA-l algorithm . 

44. (Withdrawn) The apparatus of claim 40 wherein 
said key is based at least in part on a target ID, 

45. (Withdrawn) The apparatus of claim 44 wherein 
said target id comprises a VM ID. 

46. (original) An apparatus for executing an 
obfuscated application program, the apparatus conprising a 
user device configured tor 

receive an obfuscated application program, said 
obfuscated application program comprising at least one 
instruction opcode value encoded using one of a 
plurality of instruction set opcode value encoding 
schemes; 

determine a dispatch table associated with said 
application program, said dispatch table corresponding 
to said one of a plurality of instruction set opcode 
value encoding schemes; and • 

execute said application program using said 
associated dispatch table. 



47. (Original) The apparatus of claim 46 wherein said 
user device is further configured to generate said dispatch 
table in response to said receiving. 

4B. (Original) The apparatus of claim 46 wherein user 
device is further configured to select a dispatch table from 
a plurality of dispatch tables in response to said 
receiving, said plurality of dispatch tables stored in a 



49. (Original) An apparatus for executing- an 
obfuscated application program, the apparatus comprising a 
user device configured cos 



memory . 
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receive an obfuscated application program, said 
obfuscated application program comprising at least one 
instruction opcode value encoded using one of a 
plurality of non-standard instruction sec opcode value 
encoding schemes; 

determine an instruction set opcode value encoding 
scheme associated with said obfuscated application 
program; 

rewrite said application program using a standard 
opcode value encoding scheme if said received 
application program is not encoded using said standard 
opcode value encoding scheme; and 

execute ©aid application program using a dispatch 
table associated with said standard opcode value 
encoding scheme . 

50. (Original) An apparatus for application program 
obfuscation, the apparatus comprising an application program 
provider' "configured tot 

. read an application program conqprising code/' 
transform said application program code intd 
transformed application program code that uses one of a 
plurality of opcode value encoding schemes of a 
dispatch table associated with said application 
program; and 

send said transformed application program code. 

51. (Original) The apparatus of claim 50, said 
application program provider further configured to receive 
an application program request from a user device , said 
transforming responsive to said receiving. 

52. (Original) The apparatus of claim 50 wherein 
said application program provider is further 

configured to apply a cryptographic process to said 
obfuscated application program together with a 



PAGE tai20 ' RCW AT «l(2C0r >^1:42 PMfEastecn DayVgUUm^ ' SVIkUSPT0'EFS)F-3ri«' ONB27JCS0II ' CSIfcnf 6» OOt' OURATKM |pnKS)»Ma 



08/ 01/07 14:34 FAX 831 855 0888 



GUNNISON MCKAY HODGSON 



0019 



Appl. No. 10/672,700 

Amdt. dated July 19, 2007 

Reply to Office Action of April ao, 2007 



cryptographic key to create an encrypted obfuscated 
application program after said creating* and 

said application program provider is further 
configured to send said encrypted obfuscated 
application program. 

53. (Withdrawn) An apparatus for creating an opcode 
value encoding scheme for an instruction set, the apparatus 
comprising an application program provider configured to: 

create a series of numbers using a randomized 
process; 

filter said series to remove duplicate numbers ; 

and 

create a one-to-one mapping between instruction 
implementation methods in an instruction set and said 
numbers \ 

* * * 

54. (Withdrawn) An apparatus for "creating an opcode 
value encoding scheme for an instruction set, the apparatus 
comprising ail application program, provider configured to: 

select a seed and a cryptographic key; 

create a series of numbers based at least in part 
on said seed and said cryptographic key, said seed 
having a size that is less than the size of said 
series/ 

filter said series to remove duplicate numbers/ 

and 

create a one-to-one mapping between instruction 
implementation methods in an instruction set and said 
numbers * 

55. (Withdrawn) The apparatus of claim 54 wherein 
said application program provider is configured to use a 
loop back hash function to create said series. 

56. (withdrawn) The apparatus of claim 55 wherein 
said loop back hash function comprises the MD4 algorithm. 
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57. (Withdrawn) The apparatus of claim 55 wherein 
said loop back hash function comprises the MD5 algorithm. 

58. (withdrawn) The apparatus of claim 55 wherein 
said loop back hash function comprises the SHA-1 algorithm. 

59. (withdrawn) The apparatus of claim 55 wherein 
said key is based at least in part on a target ID. 

60. (Withdrawn) The apparatus of claim 59 wherein 
said target ID comprises a VM ID. 

61. (Withdrawn) A memory for storing data for access 
by an application program being executed on a data 
processing system, comprising x 

a data structure 3tored in said memory, said data 
structure including information used by said • 
application program execute an obfuscated application 
program, said data structure an obfuscated application 
program comprising at least one instruction opcode 
value encoded using one of a plurality of instruction 
set opcode value encoding schemes. 

62 . (Withdrawn) The memory of claim 61 wherein said 
data structure further comprises a cryptographic key and 
protected data, said protected data encrypted using said 
cryptographic key. 

63. (Withdrawn) The memory of claim 61 .wherein said 
data structure further comprises an obfuecation descriptor 
that indicates an obfuecation method used to create said 
obfuscated application program. 
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